GPG now acts just like pageant

With the current version, Gpg4win contains a gpg-agent that can replace putty’s pageant. Gpg-agent will run as a background-process and will manage your gpg-keys. It will provide the necessary information needed by putty to perform an ssh-login.

But some configuration needs to be made first. The configuration file is located in a subdirectory of your user-directory:

c:\users\YOUR_USER_NAME\AppData\Roaming\gnupg\gpg-agent.conf

If gpg-agent.conf does not exist, create it with a text-editor. Add the following code-line:

enable-putty-support

Now, save and close gpg-agent.conf. There are more options available, see the documentation at gnupg.org for details.

Start gpg-agent

Now you can open a windows-command-shell and run gpg-agent --daemon. Make sure that gpg-agent.exe is covered by your PATH environment variable.

windows shell gpg-agent

The agent should start and show something similar to this:

gpg-agent running

The Problem

Now your gpg-agent is running in the background and holds you private gpg key for authentication. The next step would be convert your public gpg key into a public ssh-key to store it on the server in your ~/.ssh/authorized_keys file. If your client machine would run Linux or Mac OS X, everything would be fine. There, you would have a command-line-tool called gpgkey2ssh, which conveniently converts gpg-keys into compatible ssh-keys.

But Gpg4win does not provide this tool. There is no gpgkey2ssh.exe. Bummer!!!

So, as a matter of fact, were are fragged.

You can still log in with putty to the ssh-server now, but you will be asked for your account password all the time. One of SSH’s big advantages, in my opinion, is that this password-request during logins is omitted.

Solutions?

It would be great, if Gpg4win would add gpgkey2ssh.exe.

I have tried to build GnuPG myself in a cygwin environment. It took me some time, but in the end it worked and that build contained a gpgkey2ssh.exe. But it ran only within the cygwin shell. That’s not a solution I would recommend to everyone.